URL:

https://jp.appconner.com/app-google-chrome-%E9%AB%98%E9%80%9F%E3%81%A7%E5%AE%89%E5%85%A8?utm_source=bing&utm_medium=cpc&utm_campaign=afcapp_jp_rita_%E4%BD%8E%E4%BB%B7%E9%AB%98%E6%B5%81%E9%87%8F_0.05_1&utm_term=google%20chrome&utm_content=j0261_Google%20Chrome%3A%20%E9%AB%98%E9%80%9F%E3%81%A7%E5%AE%89%E5%85%A8

Full analysis: https://app.any.run/tasks/0f765eca-d7f6-4a22-a920-cc197fcf315d
Verdict: Malicious activity
Analysis date: February 15, 2024, 05:37:01
OS: Windows 11 Professional (build: 22000, 64 bit)
Indicators:
MD5:

EED6AF6585273502D8F9F682D8E41E20

SHA1:

32F6E5103D2576C43AD91DA2E0B80536635803D9

SHA256:

BAEC86665BC3AFDF9A396EFC059CE1139335BE52330691DFCC6A0B0C52397BE8

SSDEEP:

6:2cbGcncxWZBzF26WLW5Hhcm0E7Rlh4aCn/DW6vdIUCLBcncxWZBzFr:20Xs9WWm0EOrLW6KUWBkXl

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Creates a writable file in the system directory

      • WinZip Smart Monitor Service.exe (PID: 4464)
  • SUSPICIOUS

    • Reads security settings of Internet Explorer

      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • WinZipSmartMonitor.exe (PID: 2400)
      • Settings.exe (PID: 4064)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 1732)
      • Settings.exe (PID: 4204)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Reads settings of System Certificates

      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • WinZipSmartMonitor.exe (PID: 2400)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 1732)
      • Settings.exe (PID: 4204)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Checks Windows Trust Settings

      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • WinZipSmartMonitor.exe (PID: 2400)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 1732)
      • Settings.exe (PID: 4204)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Reads the Internet Settings

      • Settings.exe (PID: 1620)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Executes as Windows Service

      • WinZip Smart Monitor Service.exe (PID: 4464)
    • Searches for installed software

      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 1732)
      • Settings.exe (PID: 4204)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • WinZipSmartMonitor.exe (PID: 5816)
  • INFO

    • Reads settings of System Certificates

      • explorer.exe (PID: 4208)
    • Checks proxy server information

      • explorer.exe (PID: 4208)
      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Application launched itself

      • msedge.exe (PID: 1880)
      • msedge.exe (PID: 1040)
    • Reads the Internet Settings

      • explorer.exe (PID: 4208)
    • Reads security settings of Internet Explorer

      • explorer.exe (PID: 4208)
    • Checks supported languages

      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • WinZipSmartMonitor.exe (PID: 2400)
      • Settings.exe (PID: 1924)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 4064)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 1732)
      • Settings.exe (PID: 4204)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Reads the machine GUID from the registry

      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • WinZipSmartMonitor.exe (PID: 2400)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 1732)
      • WinZipSmartMonitor.exe (PID: 5816)
      • Settings.exe (PID: 4204)
    • Reads the software policy settings

      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • WinZipSmartMonitor.exe (PID: 2400)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 1732)
      • Settings.exe (PID: 4204)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Reads the computer name

      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • WinZipSmartMonitor.exe (PID: 2400)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • Settings.exe (PID: 4064)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 1732)
      • Settings.exe (PID: 3920)
      • WinZipSmartMonitor.exe (PID: 5816)
      • Settings.exe (PID: 4204)
    • Creates files or folders in the user directory

      • Settings.exe (PID: 1620)
      • explorer.exe (PID: 4208)
    • Creates files in the program directory

      • WinZipSmartMonitor.exe (PID: 2400)
      • Settings.exe (PID: 1924)
      • WinZip Smart Monitor Service.exe (PID: 4464)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
All screenshots are available in the full report
Total processes
177
Monitored processes
19
Malicious processes
8
Suspicious processes
3

Behavior graph

start: msedge.exe (no specs), msedge.exe (no specs), explorer.exe, settings.exe, winzip smart monitor service.exe (no specs), winzipsmartmonitor.exe (no specs), sc.exe (no specs), conhost.exe (no specs), winzip smart monitor service.exe, settings.exe (no specs), settings.exe (no specs), unsecapp.exe (no specs), winzip system utilities suite.exe (no specs), settings.exe (no specs), msedge.exe (no specs), msedge.exe (no specs), settings.exe (no specs), settings.exe (no specs), winzipsmartmonitor.exe

Process information

PID
CMD
Path
Indicators
Parent process
PID:
1040
CMD:
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://goto.winzip.com/action/?product=SUS&LinkType=Install&Language=en&BuildID=53&OSource=wzss53&t=&UID=e4cd72ba-84ce5e5e-16b86745-7f374a7d&version=4.0.1.4&license=&r=0&dsi=0
Path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process:
WinZip System Utilities Suite.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Microsoft Edge
Exit code:
0
Version:
111.0.1661.62
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\program files (x86)\microsoft\edge\application\111.0.1661.62\msedge_elf.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID:
1068
CMD:
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Path:
C:\Windows\System32\conhost.exe
Parent process:
sc.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Console Window Host
Exit code:
0
Version:
10.0.22000.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
PID:
1424
CMD:
"C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe" /Service
Path:
C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe
Parent process:
WinZipSmartMonitorSetup.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
WinZip Smart Monitor Service
Exit code:
0
Version:
2,12,3,2
Modules
Images
c:\program files\winzip smart monitor\winzip smart monitor service.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
1620
CMD:
"C:\Program Files\WinZip Smart Monitor\Settings.exe" /RegServer
Path:
C:\Program Files\WinZip Smart Monitor\Settings.exe
Parent process:
WinZipSmartMonitorSetup.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
Settings
Exit code:
0
Version:
2,12,3,2
Modules
Images
c:\program files\winzip smart monitor\settings.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
1732
CMD:
"C:\Program Files\WinZip Smart Monitor\Settings.exe" -Embedding
Path:
C:\Program Files\WinZip Smart Monitor\Settings.exe
Parent process:
svchost.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
Settings
Exit code:
0
Version:
2,12,3,2
Modules
Images
c:\program files\winzip smart monitor\settings.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
1880
CMD:
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" "https://jp.appconner.com/app-google-chrome-%E9%AB%98%E9%80%9F%E3%81%A7%E5%AE%89%E5%85%A8?utm_source=bing&utm_medium=cpc&utm_campaign=afcapp_jp_rita_%E4%BD%8E%E4%BB%B7%E9%AB%98%E6%B5%81%E9%87%8F_0.05_1&utm_term=google%20chrome&utm_content=j0261_Google%20Chrome%3A%20%E9%AB%98%E9%80%9F%E3%81%A7%E5%AE%89%E5%85%A8"
Path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process:
explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Exit code:
0
Version:
111.0.1661.62
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\111.0.1661.62\msedge_elf.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\cryptbase.dll
PID:
1924
CMD:
"C:\Program Files\WinZip Smart Monitor\Settings.exe" -Embedding
Path:
C:\Program Files\WinZip Smart Monitor\Settings.exe
Parent process:
svchost.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
Settings
Exit code:
0
Version:
2,12,3,2
Modules
Images
c:\program files\winzip smart monitor\settings.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
2076
CMD:
"C:\Program Files\WinZip System Utilities Suite\WinZip System Utilities Suite.exe" -splash 6140
Path:
C:\Program Files\WinZip System Utilities Suite\WinZip System Utilities Suite.exe
Parent process:
WinZip System Utilities Suite.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
WinZip System Utilities Suite
Exit code:
62097
Version:
4,0,1,4
Modules
Images
c:\program files\winzip system utilities suite\winzip system utilities suite.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
2400
CMD:
"C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe" -install
Path:
C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe
Parent process:
WinZipSmartMonitorSetup.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
WinZip Smart Monitor
Exit code:
0
Version:
2,12,3,2
Modules
Images
c:\program files\winzip smart monitor\winzipsmartmonitor.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
3756
CMD:
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=111.0.5563.149 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=111.0.1661.62 --initial-client-data=0x114,0x118,0x11c,0xf0,0x128,0x7ff87ecab5f8,0x7ff87ecab608,0x7ff87ecab618
Path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Exit code:
0
Version:
111.0.1661.62
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\111.0.1661.62\msedge_elf.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\cryptbase.dll
Total events
42 450
Read events
42 337
Write events
108
Delete events
5

Modification events

(PID) Process:
(4208) explorer.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000060266
Operation:
write
Name:
VirtualDesktop
Value:
1000000030304456FCABD65A4389144799D3EAE4E24A89DB
(PID) Process:
(1880) msedge.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Edge\BLBeacon
Operation:
write
Name:
failed_count
Value:
0
(PID) Process:
(1880) msedge.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Edge\BLBeacon
Operation:
write
Name:
state
Value:
2
(PID) Process:
(1880) msedge.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Edge\ThirdParty
Operation:
write
Name:
StatusCodes
Value:
(PID) Process:
(1880) msedge.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Edge\ThirdParty
Operation:
write
Name:
StatusCodes
Value:
01000000
(PID) Process:
(1880) msedge.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Edge\BLBeacon
Operation:
write
Name:
state
Value:
1
(PID) Process:
(4208) explorer.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000090282
Operation:
write
Name:
VirtualDesktop
Value:
1000000030304456FCABD65A4389144799D3EAE4E24A89DB
(PID) Process:
(4208) explorer.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Operation:
write
Name:
ZFRqtr
Value:
000000000F000000240000000DE11100000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BFFFFFFFFF00F356ADB82DDA0100000000
(PID) Process:
(4208) explorer.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Operation:
write
Name:
HRZR_PGYFRFFVBA
Value:
00000000E7010000B703000075A5AE017B000000830000001C2736004D006900630072006F0073006F00660074002E00570069006E0064006F00770073002E004500780070006C006F007200650072000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007B000000830000001C2736004D006900630072006F0073006F00660074002E00570069006E0064006F00770073002E004500780070006C006F0072006500720000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007B000000830000001C2736004D006900630072006F0073006F00660074002E00570069006E0064006F00770073002E004500780070006C006F00720065007200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
(PID) Process:
(4208) explorer.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Operation:
write
Name:
ZFRqtr
Value:
000000000F0000002400000066A11400000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BFFFFFFFFF00F356ADB82DDA0100000000
Executable files
0
Suspicious files
12
Text files
2
Unknown types
5

Dropped files

PID
Process
Filename
Type
PID:
4208
Process:
explorer.exe
Filename:
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
Type:
compressed
MD5:1BFE591A4FE3D91B03CDF26EAACD8F89
SHA256:9CF94355051BF0F4A45724CA20D1CC02F76371B963AB7D1E38BD8997737B13D8
PID:
1880
Process:
msedge.exe
Filename:
C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Type:
binary
MD5:3BA81BFAB5865A66309AA97D51DA831F
SHA256:E82365C7BE287704992CF9322966552D83DF37CBB9C5520108D9651270AC226D
PID:
1620
Process:
Settings.exe
Filename:
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5
Type:
binary
MD5:9C40DE70F868B91EEF1C3AE1BF6B264C
SHA256:E1439140A2A14A3B576F5CFCD459F67570DFE136C2760FB17A61541A72E40EE3
PID:
4208
Process:
explorer.exe
Filename:
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\57C8EDB95DF3F0AD4EE2DC2B8CFD4157
Type:
binary
MD5:5F9B64A4FA4F6AF3BCB6B2644E14BAB5
SHA256:26818E1DAFA7D15F56F24049437A78FF77385D3684D186E9B8DE7F5E981F7D82
PID:
4464
Process:
WinZip Smart Monitor Service.exe
Filename:
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5
Type:
binary
MD5:E11E87C659C5C7485841D3C58A211771
SHA256:F92AAE0BA568F0025CB768F656FA0E679B24292AF61AE3371FC33C85E1DEE234
PID:
1620
Process:
Settings.exe
Filename:
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66AE3BFDF94A732B262342AD2154B86E_A136AB54DEB3A883BF1C643440FFF3F3
Type:
binary
MD5:6966BCBC30DE6C1C2C2E91CACFB20D34
SHA256:5EDDABB75645D1EBD758AC3B22A4A0C774766811FC26FB3C57C3EFD7AA0AC917
PID:
4464
Process:
WinZip Smart Monitor Service.exe
Filename:
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5
Type:
binary
MD5:6C0690491BB583D780A641CA3ABBE226
SHA256:DCFF0D2DAF054EDB73AC8E322CA2414D139C822A5240406E51B551985631410E
PID:
4464
Process:
WinZip Smart Monitor Service.exe
Filename:
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\66AE3BFDF94A732B262342AD2154B86E_A136AB54DEB3A883BF1C643440FFF3F3
Type:
binary
MD5:A9D233475D4719120311E95DC5348074
SHA256:7F2C5B73F9EE35F5E2EA30BAF414E5E64A64DC2A0E9418B53FF3641E5053B7C4
PID:
4464
Process:
WinZip Smart Monitor Service.exe
Filename:
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66AE3BFDF94A732B262342AD2154B86E_A136AB54DEB3A883BF1C643440FFF3F3
Type:
der
MD5:6966BCBC30DE6C1C2C2E91CACFB20D34
SHA256:5EDDABB75645D1EBD758AC3B22A4A0C774766811FC26FB3C57C3EFD7AA0AC917
PID:
4208
Process:
explorer.exe
Filename:
C:\Users\admin\AppData\Local\Microsoft\PenWorkspace\DiscoverCacheData.dat
Type:
binary
MD5:84418143D4EA6C829486C2E0B588D9BB
SHA256:94941FD0417BF809EADC4CDA6234B1C07E8AA8403D2E264858A2747CFBFF02E3
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
28
TCP/UDP connections
178
DNS requests
166
Threats
3

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
3752
svchost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
binary
471 b
unknown
4208
explorer.exe
GET
200
93.184.221.240:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedcertstl.cab?36feffb6517e55c4
unknown
compressed
4.66 Kb
unknown
1412
svchost.exe
GET
200
2.16.164.42:80
http://www.msftconnecttest.com/connecttest.txt
unknown
text
22 b
unknown
5180
msedge.exe
GET
200
173.222.108.226:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?f50ae33ad2b5d091
unknown
compressed
65.2 Kb
unknown
5180
msedge.exe
GET
200
173.222.108.226:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?85a7b531b6b6be21
unknown
compressed
65.2 Kb
unknown
2340
smartscreen.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfIs%2BLjDtGwQ09XEB1Yeq%2BtX%2BBgQQU7NfjgtJxXWRM3y5nP%2Be6mK4cD08CEAitQLJg0pxMn17Nqb2Trtk%3D
unknown
binary
727 b
unknown
2340
smartscreen.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSRXerF0eFeSWRripTgTkcJWMm7iQQUaDfg67Y7%2BF8Rhvv%2BYXsIiGX0TkICEAPTNcvmQOXH%2Fsp3YDkB5VY%3D
unknown
binary
727 b
unknown
2340
smartscreen.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEApDqVCbATUviZV57HIIulA%3D
unknown
binary
471 b
unknown
6016
WinZip System Utilities Suite.exe
GET
200
142.250.185.131:80
http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D
unknown
binary
1.41 Kb
unknown
1892
WinZip System Utilities Suite.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEA6bGI750C3n79tQ4ghAGFo%3D
unknown
binary
471 b
unknown

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4588
svchost.exe
239.255.255.250:1900
unknown
5180
msedge.exe
224.0.0.251:5353
unknown
2664
msedge.exe
94.245.104.56:443
api.edgeoffer.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
2664
msedge.exe
13.107.42.16:443
config.edge.skype.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
2664
msedge.exe
172.66.40.125:443
jp.appconner.com
CLOUDFLARENET
US
unknown
2664
msedge.exe
204.79.197.239:443
edge.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
unknown
4208
explorer.exe
93.184.221.240:80
ctldl.windowsupdate.com
EDGECAST
GB
whitelisted
2664
msedge.exe
216.58.212.170:443
fonts.googleapis.com
GOOGLE
US
whitelisted
2664
msedge.exe
142.250.186.34:443
pagead2.googlesyndication.com
GOOGLE
US
unknown
2664
msedge.exe
142.250.185.131:443
fonts.gstatic.com
GOOGLE
US
whitelisted

DNS requests

Domain
IP
Reputation
api.edgeoffer.microsoft.com
  • 94.245.104.56
whitelisted
config.edge.skype.com
  • 13.107.42.16
whitelisted
jp.appconner.com
  • 172.66.40.125
  • 172.66.43.131
unknown
edge.microsoft.com
  • 204.79.197.239
  • 13.107.21.239
whitelisted
ctldl.windowsupdate.com
  • 93.184.221.240
  • 173.222.108.226
  • 173.222.108.210
whitelisted
fonts.googleapis.com
  • 216.58.212.170
  • 142.250.181.234
  • 142.250.186.106
whitelisted
fonts.gstatic.com
  • 142.250.185.131
  • 172.217.23.99
whitelisted
pagead2.googlesyndication.com
  • 142.250.186.34
  • 142.250.186.162
whitelisted
adservice.google.com
  • 142.250.185.162
whitelisted
googleads.g.doubleclick.net
  • 142.250.181.226
  • 142.250.186.162
whitelisted

Threats

PID
Process
Class
Message
1412
svchost.exe
Misc activity
ET INFO Microsoft Connection Test
2664
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] jQuery JavaScript Library Code Loaded (code.jquery .com)
2664
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Global content delivery network (unpkg .com)
No debug info